Gửi #501351: D-Link DIR-816 1.01TO Cross Site Scriptingthông tin

tiêu đềD-Link DIR-816 1.01TO Cross Site Scripting
Mô tảIn the 'cgi-bin/webproc' directory within the user account, there is an unrestricted stored Cross-Site Scripting (XSS) vulnerability and injection attacks on the 'SSID' parameter of the "D-Link DIR-816" system. This function executes the user parameter without restrictions. To view the script in action, simply access the 'Setup' directory. Malicious attackers can exploit this vulnerability to obtain sensitive information from clients.
Nguồn⚠️ http://x.x.x.x:8080/cgi-bin/webproc?getpage=html/index.html&var:menu=24gwlan&var:page=24G_basic
Người dùng
 Fergod (UID 55882)
Đệ trình14/02/2025 18:00 (cách đây 1 Năm)
Kiểm duyệt17/02/2025 11:10 (3 days later)
Trạng tháiđược chấp nhận
Mục VulDB296023 [D-Link DIR-816 1.01TO index.html&var:menu=24gwlan&var:page=24G_basic SSID Tập lệnh chéo trang]
điểm20

Want to stay up to date on a daily basis?

Enable the mail alert feature now!